The IPv6 loopback interface on AIX has both IFF_BROADCAST and IFF_LOOPBACK set. Checking IFF_BROADCAST first erroneously makes it appear as an Ethernet device.
MAC address matched the expected address, and if so, take that as a preliminary
match before checking the description string for a stronger match. But if
retrieving the the MAC address failed completely, it was still being accepted
as a preliminary match, and would prevent later matches with only the MAC
address from being accepted.
matches, but keep searching in case there's an interface where both the
hardware address and description string match.
Matching only on the hardware address is not sufficient, because several
interfaces will have the same address in the case of interface teaming.
See the log message for r17542.
But this revision broke interface matching for Luis MartinGarcia and Rob
Nicholls. For Luis, the call to PacketRequest with OID_GEN_FRIENDLY_NAME
was failing. For Rob, the friendly name differed slightly from the
description provided by libpcap. This change makes a hardware address
match good enough but will prefer a description match too.
eth_get_pcap_devname as a wrapper.
In addition to the hardware address check, add a check of the textual interface
descriptions in order better to distinguish interfaces. It appears to me that
the pcap description (pdev->description) is the same as what is returned by a
call to PacketRequest with an OID of OID_GEN_FRIENDLY_NAME, so that's what I'm
comparing. That differs from OID_GEN_VENDOR_NAME, which is what you get in
ifrow.bDescr from GetIfTable.
We've found that simply comparing hardware addresses is not enough when using
Windows "teamed" (link-aggregated) interfaces. In a simple example, two NICs
are teamed together, leading to three interfaces visible to libdnet: the two
physical NICs and the virtual teamed interface. All three of these have the
same MAC address. What was happening was the eth0 interface was being assigned
to one of the physical NICs, packets were sent over it, but the replies were
not necessarily coming back to the same physical NIC.
than one string of digits. Joe Dietz reported that an interface with
the name e1000g0 was causing the error message
Warning: Unable to open interface e1000g0 -- skipping it.
on Solaris 9. [David]
a layer 4 protocol used mostly for telephony related applications.
This brings the following new features:
o SCTP INIT chunk port scan (-sY): open ports return an INIT-ACK
chunk, closed ones an ABORT chunk. This is the SCTP equivalent
of a TCP SYN stealth scan.
o SCTP COOKIE-ECHO chunk port scan (-sZ): open ports are silent,
closed ports return an ABORT chunk.
o SCTP INIT chunk ping probes (-PY): host discovery using SCTP
INIT chunk packets.
o SCTP-specific IP protocol scan (-sO -p sctp).
o SCTP-specific traceroute support (--traceroute).
o The ability to use the deprecated Adler32 algorithm as specified
in RFC 2960 instead of CRC32C from RFC 4960 (--adler32).
o 42 well-known SCTP ports were added to the nmap-services file.
Part of the work on SCTP support was kindly sponsored by
Compass Security AG, Switzerland. [Daniel Roethlisberger]
addr_stob didn't handle the special case of the sa_len member of
struct sockaddr being equal to 0 and accessed unrelated memory past
the end of the sockaddr. A symptom of this was the fatal error
nexthost: failed to determine route to ...
which was caused by the default route being assigned a netmask other
than 0.0.0.0.
addresses if matching IP addresses fails. I have a feeling this is more
reliable than matching IP addresses, but as I'm not sure, I have made it the
backup so that nothing will stop working that was working before. The MAC
address matching works fine for me if I disable the IP address matching. The
code is adapted from libdnet 1.11.
all of the dnet device's addresses, not just the first one. This is a long shot
to fix the "dnet: Failed to open eth4" problem on Vista, but it's the right
thing anyway.
recognize devices with type INTF_TYPE_IEEE80211 as Ethernet devices.
This ought to make wireless network scanning work on Windows Vista. For
more background see http://seclists.org/nmap-dev/2007/q4/0391.html.
ltmain.sh, and missing from subdirectories. Autoconf automatically looks
in the parent directory for these files. I had to copy the files
depcomp, ltmain.sh, and missing into the root of the source tree.
(These get mapped to interfaces beginning with "net": net0, net1, etc.) I
originally planned to make this a debugging message to be displayed at a
certain debuggin level whether the interface type is recognized or not. It
looked to be a pain to give libdnet visibility of Nmap debugging level, so
instead it just prints a message to stderr only when the interface type is
unrecognized.
